System Integrity - Fairmount Automation

Includes a ‘Secure Authenticator’ integrated circuit used for secure storage and processing of system and device cryptographic keys
The processor includes a protected secure enclave that performs a trusted boot which verifies the firmware and boots in a known secure state
Whitelisting: The host operating system only allows specific / pre-defined processes to run
Software/Firmware and Configuration Files are validated for software authenticity (i.e., software is from Fairmount Automation and/or from a specific project), integrity (i.e., has not been modified), and confidentiality (i.e., encrypted to protect contents)
The panels may be restored to a known, trusted state that validates authenticity, integrity, and confidentiality. Only authenticated users with configuration rights are permitted to initiate the restoration process. Initiation of the restoration process will be stored in the log file.
All panels include mechanisms to wipe system and configuration data
Configuration files at rest (configuration PC, embedded target, flash drives, etc) are stored in an encrypted state. Data at rest shall be cryptographically protected in accordance with the Federal Information Processing Standard (FIPS) 140-2 Advanced Encryption Standard (AES) at key strength of 256 bits minimum.